package com.thomas.realm;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import com.thomas.entity.Blogger;
import com.thomas.service.BloggerService;

/**
 * 
 *自定义Realm
 *@author thomas_liu 
 **/
public class MyRealm extends AuthorizingRealm {
	
	@Autowired
	private BloggerService bloggerService;
	
	
	/**
	 *为当前的登录的用户角色和权限 
	 **/
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
		// TODO Auto-generated method stub
		return null;
	}

	/**
	 *验证当前登录的用户 
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(
			AuthenticationToken token) throws AuthenticationException {
		String userName = (String) token.getPrincipal();
		Blogger blogger = bloggerService.getBloggerByUserName(userName);
		if(blogger != null){
			SecurityUtils.getSubject().getSession().setAttribute("currentUser", blogger);
			AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(blogger.getUserName(), blogger.getPassword(), "thomas");
			return authcInfo;
		}else{
			return null;
		}
	}

}
